Encrypting values in property file

Hi,
is there a way to encrypt values in a liquibase property file similar to how it is done in Spring with Jasypt?
Pls note that I’m aware about encrypting values in Maven. But this is not what I’m looking for.

Thanks

Hi Viad,

I haven’t tried it yet, you can look at the JIRA https://liquibase.jira.com/browse/CORE-1932 and check the commits. It is available since 3.3.0

Yes, thanks, I found it already and it is working. It’s just missing any example of the implementation, so, it took me some time to realise how to make it work.
The way it has been implemented is a bit uncomfortable. It would be natural sending the encryption key from the plugin parameters to the class constructor. Then, you could be using one of the existing encryption libraries with no need in writing any code.
But it is expecting a constructor with no parameters in the class. Then, you need to invent your own mechanism for deriving the encryption key and code it in java. You need to know java for this.

Hey @vlad,

I’m glad you are interested in this, if you do know Java, your work can make it into liquibase. We are always accepting PRs and this is hacktoberfest hackathon month, so you can participate and get swag while making modifications you want anyways. Here some useful links:

To make a PR to modify or add functionality to liquibase:

Hackathon Infor:

Hope that helps!

Ronak

My preference is always to get these values from Secrets API, and then write the values into the properties file which the sed command makes pretty easy.

sed -e 's/<username>/${username}/' -e 's/<password>/${password}/' liquibase.properties > liquibase-with-secrets.properties

We make sure the code deletes the properties file after we are done.

Interesting. Sharing this with a few Liquibase Product afficianadoes (@Pete & @mariochampion & @NathanVoxland) to see if this is something we want for all.